Do you know Energetic Bear? No, he’s not a children’s character. It’s more sinister.
IT security firm Symantec says Energetic Bear is a group of Russian hackers that targets power producers and grid operators in Europe and the US. It started life in or before 2011, and has been focusing on infiltrating energy companies in the US and Europe since 2013.
Symantec says Energetic Bear’s malware lets it monitor energy consumption in real time, and enables it to damage and disrupt physical systems including wind turbines. We live in a world surrounded by data, which makes hacking a vital concern for wind investors.
Now, hacking in the energy sector isn’t new. The US is battling with China over claims that Chinese hackers stole secrets from US firms, including information about solar innovations and nuclear technology. Big manufacturers already know they need to protect their ideas.
But Energetic Bear shows how hacking now goes way beyond corporate secrets. It gives hackers the ability to directly control your investments, and hit you financially. If they can stop your turbines from turning then that is a direct financial impact on project owners.
We could try to reduce the amount of data we gather about wind farms, but there will be little appetite from investors to do that. Gathering information on how projects and individual turbines are performing can enable operators to manage and maintain their wind farms more effectively. This increases their profitability and maximises their value.
The solution has to be making sure the growing amount of data is better protected.
The difficulty is knowing where to start. Grids need data in order to track the fluctuating production of wind farms, and make sure energy gets where it needs to be and when. Governments in Europe and the US wants millions more homes to have smart meters by 2020, to help cut energy use, but this will mean more ways for hackers to get into the grid.
Therefore, grids need to be more secure, and utilities will have to fork out billions to try to stop hackers getting in. Manufacturers are in a constant arms race to upgrade their tech.
Investors should also take more of an interest in what happens to the data about their wind farms. This information is being made more accessible to firms in the supply chain, from the contractors who fix the turbines to the consultants who analyse the data. Sharing this information means there are many more points through which hackers can attack.
One danger Symantec highlights is that hackers will try to get data directly from their large targets but, if they can’t, they will happily target firms in the supply chain. Investors need to know about how safe their data is, and that it only goes to people who need it.
You may find it valuable to know all about your assets and control them remotely — but, as Energetic Bear shows, you aren’t alone.
The Irish Government has unveiled changes to its second offshore wind tender that the industry said have created “massive levels of uncertainty”. We look at what this means for the up-to-80GW of offshore wind projects in development in Irish waters.